The qpopper list archive ending on 21 Aug 2002


Topics covered in this issue include:

  1. Re: filesystem quotas
       Clifton Royston <cliftonr at lava dot net>
       Mon, 12 Aug 2002 08:33:44 -1000
  2. QPOP log
       "Amin" <jaradat at anet.net dot sa>
       Tue, 13 Aug 2002 11:49:19 +0300
  3. Re: QPOP log
       Peter Evans <peter at gol dot com>
       Tue, 13 Aug 2002 18:02:25 +0900
  4. Re: QPOP log
       Carl Schelin <cschelin at hq.nasa dot gov>
       Tue, 13 Aug 2002 06:01:01 -0400
  5. Re: QPOP log
       "Amin" <jaradat at anet.net dot sa>
       Tue, 13 Aug 2002 13:08:55 +0300
  6. Re: QPOP log
       Peter Evans <peter at gol dot com>
       Tue, 13 Aug 2002 19:49:05 +0900
  7. Re: QPOP log
       "Amin" <jaradat at anet.net dot sa>
       Tue, 13 Aug 2002 13:38:03 +0300
  8. Re: QPOP log
       Carl Schelin <cschelin at hq.nasa dot gov>
       Tue, 13 Aug 2002 06:40:40 -0400
  9. Re: QPOP log
       Carl Schelin <cschelin at hq.nasa dot gov>
       Tue, 13 Aug 2002 07:27:43 -0400
 10. Re: QPOP log
       "Amin" <jaradat at anet.net dot sa>
       Tue, 13 Aug 2002 13:52:55 +0300
 11. Horde IMP and IMAP question
       "Vosburgh, Brian P, CTR, WHS-BB" <bvosburgh at whs dot mil>
       Tue, 13 Aug 2002 10:11:16 -0400
 12. Re: Horde IMP and IMAP question
       Sean Kelly <lists at shortestpath dot org>
       Tue, 13 Aug 2002 15:58:25 +0100 (BST)
 13. Re: QPOP log
       Justin Shore <listuser at neo.pittstate dot edu>
       Tue, 13 Aug 2002 11:06:29 -0500
 14. RE: Filesystem quotas
       "Brian R. Jones" <bjones at alacritech dot com>
       Tue, 13 Aug 2002 12:39:12 -0700
 15. RE: Filesystem quotas
       Gregory Hicks <ghicks at cadence dot com>
       Tue, 13 Aug 2002 12:50:14 -0700 (PDT)
 16. Re: QPOP log
       Randall Gellens <randy at qualcomm dot com>
       Tue, 13 Aug 2002 18:17:53 -0700
 17. Re: QPOP log
       Randall Gellens <randy at qualcomm dot com>
       Tue, 13 Aug 2002 18:19:02 -0700
 18. users can't login
       "Amin" <jaradat at anet.net dot sa>
       Wed, 14 Aug 2002 06:17:42 +0300
 19. Re: users can't login
       Eckhard Jokisch <e.jokisch at u-code dot de>
       Wed, 14 Aug 2002 11:53:12 +0200
 20. Converting from Courier to Qpopper
       "Lisa Casey" <lisa at jellico dot com>
       Thu, 15 Aug 2002 09:59:28 -0400
 21. Re: Converting from Courier to Qpopper
       The Little Prince <thelittleprince at asteroid-b612 dot org>
       Thu, 15 Aug 2002 06:53:07 -0700 (PDT)
 22. TLS/SSL write problems
       "Trey A Mujakporue" <trey.trey at ntlworld dot com>
       Thu, 15 Aug 2002 16:23:24 +0100
 23. Re: Qpopper openssl patch.
       SkyDeep <skyd at humankind dot com>
       Thu, 15 Aug 2002 12:26:27 -0500
 24. Error - Please Help
       kkim at telcordia dot com
       Thu, 15 Aug 2002 13:47:22 -0400
 25. ip logged as 0.0.0.0
       "scott@intrinsix dot net" <scott at intrinsix dot net>
       Thu, 15 Aug 2002 19:38:19 -0500
 26. Re: ip logged as 0.0.0.0
       "Alan W. Rateliff, II" <alan at yourvillage dot com>
       Fri, 16 Aug 2002 01:59:30 -0400
 27. Re: ip logged as 0.0.0.0
       "scott@intrinsix dot net" <scott at intrinsix dot net>
       Fri, 16 Aug 2002 09:32:36 -0500
 28. Re: ip logged as 0.0.0.0
       Hajimu UMEMOTO <ume at mahoroba dot org>
       Sat, 17 Aug 2002 02:09:30 +0900
 29. Deactivating service pop3 due to excessive incoming
       Theresa M Peter <theresa at email.uc dot edu>
       Fri, 16 Aug 2002 16:29:39 -0400
 30. Re: Deactivating service pop3 due to excessive incoming
       Kenneth Porter <shiva at well dot com>
       16 Aug 2002 20:39:04 -0700

 31. Re: Filesystem quotas
       Randall Gellens <randy at qualcomm dot com>
       Sun, 18 Aug 2002 23:50:48 -0700
 32. Re: Error - Please Help
       Randall Gellens <randy at qualcomm dot com>
       Mon, 19 Aug 2002 00:07:14 -0700
 33. Re: Filesystem quotas
       Randall Gellens <randy at qualcomm dot com>
       Mon, 19 Aug 2002 00:01:18 -0700
 34. Re: TLS/SSL write problems
       Randall Gellens <randy at qualcomm dot com>
       Mon, 19 Aug 2002 00:06:31 -0700
 35. Re: Filesystem quotas
       Eric Luyten <Eric.Luyten at vub.ac dot be>
       Mon, 19 Aug 2002 11:41:01 +0200 (MET DST)
 36. Big mailbox: getting errors (maybe timeout)?
       Jose Vicente Nunez Zuleta <josevnz at newbreak dot com>
       Mon, 19 Aug 2002 10:44:25 -0400
 37. qpopper 4.0 install problems
       "Mike Pacheco" <mike at fwdsystems dot com>
       Wed, 21 Aug 2002 11:28:02 -0400
 38. RE: qpopper 4.0 install problems
       "Mike Pacheco" <mike at fwdsystems dot com>
       Wed, 21 Aug 2002 13:03:12 -0400
 39. Re: qpopper 4.0 install problems
       Clifton Royston <cliftonr at lava dot net>
       Wed, 21 Aug 2002 09:17:46 -1000
 40. Re: qpopper 4.0 install problems
       Clifton Royston <cliftonr at lava dot net>
       Wed, 21 Aug 2002 09:38:43 -1000
 41. RE: qpopper 4.0 install problems
       "Mike Pacheco" <mike at fwdsystems dot com>
       Wed, 21 Aug 2002 15:25:27 -0400
 42. Re: qpopper 4.0 install problems
       Clifton Royston <cliftonr at lava dot net>
       Wed, 21 Aug 2002 10:14:12 -1000
 43. Re: qpopper 4.0 install problems
       Justin Shore <listuser at neo.pittstate dot edu>
       Wed, 21 Aug 2002 15:30:18 -0500
 44. RE: qpopper 4.0 install problems
       "Ken Bradford" <ken at alpha2 dot com>
       Wed, 21 Aug 2002 17:09:53 -0400
 45. Big mailbox: getting errors (maybe timeout)?
       Jose Vicente Nunez Zuleta <josevnz at newbreak dot com>
       Wed, 21 Aug 2002 18:13:57 -0400
 46. Re: qpopper 4.0 install problems
       Justin Shore <listuser at neo.pittstate dot edu>
       Wed, 21 Aug 2002 16:44:27 -0500
 47. Re: qpopper 4.0 install problems
       Clifton Royston <cliftonr at lava dot net>
       Wed, 21 Aug 2002 11:38:26 -1000
 48. SSL with Outlook Express
       "Alex M" <alex at myzona dot net>
       Wed, 21 Aug 2002 16:21:05 -0700
 49. RE: qpopper 4.0 install problems
       "Mike Pacheco" <mike at fwdsystems dot com>
       Wed, 21 Aug 2002 20:20:41 -0400
 50. Re: qpopper 4.0 install problems
       Clifton Royston <cliftonr at lava dot net>
       Wed, 21 Aug 2002 14:29:23 -1000

Date: Mon, 12 Aug 2002 08:33:44 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: filesystem quotas

On Mon, Aug 12, 2002 at 05:31:57PM +0200, Eric Luyten wrote:
> [Jeff E.]
> > I subjected my test user to 100 MB of email, and found that once
> > he hit his hard limit, further emails were returned to sender.  
> > This looks good.
> 
> Depends. 
> What are your Mail Transfer Agent and local delivery agent ?
> 
> I do not consider a 'Service Unavailable' error message to sender
> informative.
> 
> There does not appear to be a suitable code (/usr/include/sysexits.h)
> that I can make procmail return to sendmail (our environment). Too bad.

  Procmail as tested here last year (3.14 and 3.15) automatically
returns EX_CANTCREAT for users over quota.  I fudged a bit by making
our MTA return the message "delivery can't add to mailbox, user may be
over mail quota" (emphasis on the "may") though in operation this is
always what it means.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

From: "Amin" <jaradat at anet.net dot sa>
Subject: QPOP log
Date: Tue, 13 Aug 2002 11:49:19 +0300

Sirs,

The logging of qpopper in my messages file contain only :-
Aug 13 03:58:01 mysrv.abc.com popper[25410]: connect from x.x.x.

How can I log also the user account name beside the IP address ???

Thanks,
Jard

Date: Tue, 13 Aug 2002 18:02:25 +0900
From: Peter Evans <peter at gol dot com>
Subject: Re: QPOP log

Amin (jaradat at anet.net dot sa) wrote:
> The logging of qpopper in my messages file contain only :-
> Aug 13 03:58:01 mysrv.abc.com popper[25410]: connect from x.x.x.
 
> How can I log also the user account name beside the IP address ???
 
	At this stage in the game, there is only a connection, authentication
	hasn't happened.

	vv-- if you want a bit longer in your logs, you see:

Aug 13 17:57:35 double-muka popper[7122]: [ID 702911 mail.notice] (v4.0) POP login by user "pon" at (blarf.a-i-c.co.jp) 210.130.159.0

	^^-- depending on OS flavour.


-- 
END OF LINE.


From: Carl Schelin <cschelin at hq.nasa dot gov>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 06:01:01 -0400

On Tuesday 13 August 2002 04:49, Amin wrote:
> Sirs,
>
> The logging of qpopper in my messages file contain only :-
> Aug 13 03:58:01 mysrv.abc.com popper[25410]: connect from x.x.x.
>
> How can I log also the user account name beside the IP address ???
>

We made some code changes to also log the username without additional 
debugging information:

Aug 12 21:00:39 mail popper[15123]: APOP authentication ok for "wrogers" from 
"x.x.x.x"

As you can see, we're using APOP as well.

> Thanks,
> Jard

Carl

-- 
                               Carl Schelin

From: "Amin" <jaradat at anet.net dot sa>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 13:08:55 +0300

Ok ..
But what to add in my syslog.conf to include all of these logging
informatiom???

Jard
----- Original Message -----
From: "Peter Evans" <peter at gol dot com>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Tuesday, August 13, 2002 12:02 PM
Subject: Re: QPOP log


> Amin (jaradat at anet.net dot sa) wrote:
> > The logging of qpopper in my messages file contain only :-
> > Aug 13 03:58:01 mysrv.abc.com popper[25410]: connect from x.x.x.
>
> > How can I log also the user account name beside the IP address ???
>
> At this stage in the game, there is only a connection, authentication
> hasn't happened.
>
> vv-- if you want a bit longer in your logs, you see:
>
> Aug 13 17:57:35 double-muka popper[7122]: [ID 702911 mail.notice] (v4.0)
POP login by user "pon" at (blarf.a-i-c.co.jp) 210.130.159.0
>
> ^^-- depending on OS flavour.
>
>
> --
> END OF LINE.
>
>


Date: Tue, 13 Aug 2002 19:49:05 +0900
From: Peter Evans <peter at gol dot com>
Subject: Re: QPOP log

Amin (jaradat at anet.net dot sa) wrote:
> Ok ..
> But what to add in my syslog.conf to include all of these logging
> informatiom???
 
	RTFM

	http://www.eudora.com/qpopper/documentation.html

	though it is now a pdf and that is a pain if you dont have graphics.
	failing that

	./configure --help

	--enable-log-logins 
	looks like a good starting point.
	and man syslog (syslog.conf etc)
	If you dont know how syslog works, you probably shouldn't be using unix. 

	P


-- 
END OF LINE.


From: "Amin" <jaradat at anet.net dot sa>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 13:38:03 +0300

Do I need to reconfigure QPOP with --enable-log-login ??

Jard
----- Original Message -----
From: "Carl Schelin" <cschelin at hq.nasa dot gov>
To: "Amin" <jaradat at anet.net dot sa>; "Subscribers of Qpopper"
<qpopper at lists.pensive dot org>
Sent: Tuesday, August 13, 2002 1:01 PM
Subject: Re: QPOP log


> On Tuesday 13 August 2002 04:49, Amin wrote:
> > Sirs,
> >
> > The logging of qpopper in my messages file contain only :-
> > Aug 13 03:58:01 mysrv.abc.com popper[25410]: connect from x.x.x.
> >
> > How can I log also the user account name beside the IP address ???
> >
>
> We made some code changes to also log the username without additional
> debugging information:
>
> Aug 12 21:00:39 mail popper[15123]: APOP authentication ok for "wrogers"
from
> "x.x.x.x"
>
> As you can see, we're using APOP as well.
>
> > Thanks,
> > Jard
>
> Carl
>
> --
>                                Carl Schelin
>


From: Carl Schelin <cschelin at hq.nasa dot gov>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 06:40:40 -0400

On Tuesday 13 August 2002 06:08, Amin wrote:
> Ok ..
> But what to add in my syslog.conf to include all of these logging
> informatiom???
>
> Jard

You have to turn on debugging when compiling the code or when starting if 
it's configured already. That's why we modified our code. We didn't want all 
the debugging information just for the username. So we added a couple of bits 
of code.

Carl

-- 
                               Carl Schelin

From: Carl Schelin <cschelin at hq.nasa dot gov>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 07:27:43 -0400

On Tuesday 13 August 2002 06:52, Amin wrote:
> What option to add when starting qpop with debug ( it is   -t logfile)??
>
> Jard
>

Sorry, I don't have that information at hand. Do you have access to the man 
pages/web site? It's been a couple of years since I've looked at the 
code/docs. We're getting ready to upgrade so I'll be hip deep in a week or 
two.

Carl

-- 
                               Carl Schelin

From: "Amin" <jaradat at anet.net dot sa>
Subject: Re: QPOP log
Date: Tue, 13 Aug 2002 13:52:55 +0300

What option to add when starting qpop with debug ( it is   -t logfile)??

Jard


----- Original Message -----
From: "Carl Schelin" <cschelin at hq.nasa dot gov>
To: "Amin" <jaradat at anet.net dot sa>; "Subscribers of Qpopper"
<qpopper at lists.pensive dot org>
Sent: Tuesday, August 13, 2002 1:40 PM
Subject: Re: QPOP log


> On Tuesday 13 August 2002 06:08, Amin wrote:
> > Ok ..
> > But what to add in my syslog.conf to include all of these logging
> > informatiom???
> >
> > Jard
>
> You have to turn on debugging when compiling the code or when starting if
> it's configured already. That's why we modified our code. We didn't want
all
> the debugging information just for the username. So we added a couple of
bits
> of code.
>
> Carl
>
> --
>                                Carl Schelin
>


From: "Vosburgh, Brian P, CTR, WHS-BB" <bvosburgh at whs dot mil>
Subject: Horde IMP and IMAP question
Date: Tue, 13 Aug 2002 10:11:16 -0400

Does Qpopper support IMAP [yet]?  Are there any issues using IMP and
Qpopper?

tia/

Brian

Date: Tue, 13 Aug 2002 15:58:25 +0100 (BST)
From: Sean Kelly <lists at shortestpath dot org>
Subject: Re: Horde IMP and IMAP question

On Tue, 13 Aug 2002, bvosburgh at whs dot mil wrote:

> Does Qpopper support IMAP [yet]?  Are there any issues using IMP and
> Qpopper?

	Qpopper is a POP server not an IMAP server so I doubt it will
support IMAP.

	I think that, using a recent horde and imp, you can read mail from
a POP box as well as an IMAP box.

--
Sean Kelly


Date: Tue, 13 Aug 2002 11:06:29 -0500
From: Justin Shore <listuser at neo.pittstate dot edu>
Subject: Re: QPOP log

On a RH 7.2 box I get log entries like this:

Aug 10 19:53:58 host in.qpopper[14211]: (v4.0.4) POP login by user 
"userid" at (host.domain.tld) aaa.bbb.ccc.ddd

with these configure options:

./configure  --prefix=/usr/local/ --sysconfdir=/etc/qpopper 
--with-pam=pop3 --enable-apop=/etc/pop.auth --with-popuid=pop 
--with-log-facility=LOG_LOCAL1 --enable-shy --enable-log-login 
--enable-servermode --enable-bulletins=/var/mail/bulls 
--enable-spool-dir=/var/spool/mail --enable-popuid=pop 
--enable-temp-drop-dir=/var
/spool/poptemp

and this in my syslog.conf

local1.*				/var/log/pop.log

Remember, the whitespace in the line above is ALWAYS tabs.

HTH
  J

From: "Brian R. Jones" <bjones at alacritech dot com>
Subject: RE: Filesystem quotas
Date: Tue, 13 Aug 2002 12:39:12 -0700

 |-----Original Message-----
 |From: Justin Shore [mailto:listuser at neo.pittstate dot edu]
 |The
 |feature that applies here is the "Leave on Server For X Days" option.
 |I don't think I've ever seen another mail client with that ability.

Not that I would ever recommend it, but Microsoft outlook will do this. (at
least outlook 2k SR2)



Brian R. Jones                    Sr. Tech Support Engineer
bjones at alacritech dot com                       Alacritech, Inc
408 487 5703             234 E. Gish Rd. San Jose, CA 95112


Date: Tue, 13 Aug 2002 12:50:14 -0700 (PDT)
From: Gregory Hicks <ghicks at cadence dot com>
Subject: RE: Filesystem quotas


> From: "Brian R. Jones" <bjones at alacritech dot com>
> Date: Tue, 13 Aug 2002 12:39:12 -0700
> 
>  |-----Original Message-----
>  |From: Justin Shore [mailto:listuser at neo.pittstate dot edu]
>  |The
>  |feature that applies here is the "Leave on Server For X Days" option.
>  |I don't think I've ever seen another mail client with that ability.

Netscape does this.
Eudora does this.
Mozilla does this.
Zmail does this.
Sylpheed does this.
Mahogany does this.
(I am sure that there are others)
...

Most of these can be found as "Leave mail on server, delete after 'x' days...

Regards,
gregory Hicks

> 
> Not that I would ever recommend it, but Microsoft outlook will do this. (at
> least outlook 2k SR2)


Date: Tue, 13 Aug 2002 18:17:53 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: QPOP log

At 1:38 PM +0300 8/13/02, Amin wrote:

>  Do I need to reconfigure QPOP with --enable-log-login ??

No, you can do it as a run-time option and then there is no need to 
recompile.  Most compile-time options are now available as run-time 
options.  See the Admin Guide for complete information.  Also, the 
file sample/qpopper.config contains all options that can be set.

Date: Tue, 13 Aug 2002 18:19:02 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: QPOP log

At 6:40 AM -0400 8/13/02, Carl Schelin wrote:

>  You have to turn on debugging when compiling the code or when starting if
>  it's configured already.

If you only want to see a line logged when users log in, you don't 
need to enable debugging.  You can use the log-login option to 
specify the format of the line, and you can add, delete, or modify it 
at will, without having to recompile.

From: "Amin" <jaradat at anet.net dot sa>
Subject: users can't login
Date: Wed, 14 Aug 2002 06:17:42 +0300

Some blocks in my main file system courrpted. I repair it and restore the
files  mised. My system come up but any user try to check his mail, this
error apperas in poper log :-
[11252] banaja: -ERR maillock: '/usr/mail/.banaja.pop'

and in mail log:-
Aug 14 06:11:09 webhost sendmail[10582]: GAB10582: to=yunus1,
delay=00:01:02, xdelay=00:00:31, mailer=local, stat=Can't create output

Any help ???

Jard


From: Eckhard Jokisch <e.jokisch at u-code dot de>
Subject: Re: users can't login
Date: Wed, 14 Aug 2002 11:53:12 +0200

> Some blocks in my main file system courrpted. I repair it and restore the
> files  mised. My system come up but any user try to check his mail, this
> error apperas in poper log :-
> [11252] banaja: -ERR maillock: '/usr/mail/.banaja.pop'
>
> and in mail log:-
> Aug 14 06:11:09 webhost sendmail[10582]: GAB10582: to=yunus1,
> delay=00:01:02, xdelay=00:00:31, mailer=local, stat=Can't create output
>
> Any help ???
>
> Jard
If you are sure no other pop-client is accessing the system simply remove the 
file "/usr/mail/.banaja.pop".

CU 
Eckhard


From: "Lisa Casey" <lisa at jellico dot com>
Subject: Converting from Courier to Qpopper
Date: Thu, 15 Aug 2002 09:59:28 -0400

Hi,

We recently acquired another ISP. On their mail server they are using
Courier IMAP as a POP3 server (evidently Courier has a POP3 component to
their server, the IMAP component isn't being used - the customers do obtain
e-mail via POP3). I have always used Qpopper. I like it and I know how to
trouble-shoot it. I don't like the Courier at all. Does anyone have any idea
if it would be possible to convert this server from Courier to Qpopper? One
possible problem is that mail is not stored in /var/mail. Instead it is
stored in /home/username/Maildir

Any advice will be appreciated!

Thanks,

Lisa Casey
Netlink 2000, INc.




Date: Thu, 15 Aug 2002 06:53:07 -0700 (PDT)
From: The Little Prince <thelittleprince at asteroid-b612 dot org>
Subject: Re: Converting from Courier to Qpopper

On Thu, 15 Aug 2002, Lisa Casey wrote:

> Hi,
>
> We recently acquired another ISP. On their mail server they are using
> Courier IMAP as a POP3 server (evidently Courier has a POP3 component to
> their server, the IMAP component isn't being used - the customers do obtain
> e-mail via POP3). I have always used Qpopper. I like it and I know how to
> trouble-shoot it. I don't like the Courier at all. Does anyone have any idea
> if it would be possible to convert this server from Courier to Qpopper? One
> possible problem is that mail is not stored in /var/mail. Instead it is
> stored in /home/username/Maildir
>

I can't say regarding usernames/passwords, as I dont know courier at all,
if they have their own user DB or what, but regarding spools..

1. use maildir2mbox to convert the spools to mbox format.
OR
2. use my maildir patch for qpopper (but then you'd have to convert YOUR
mbox files to maildir (assuming YOU have spools on the same box) with
mbox2maildir).

so, neither really has an advantage in terms of ease, just in terms of
end-result reliability/performance.

-Tony
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.
Anthony J. Biacco                            Network Administrator/Engineer
thelittleprince at asteroid-b612.org              http://www.asteroid-b612 dot org

     "Strange, but it seems, there's a mutiny brewing inside of me"
.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-._.-.



From: "Trey A Mujakporue" <trey.trey at ntlworld dot com>
Subject: TLS/SSL write problems
Date: Thu, 15 Aug 2002 16:23:24 +0100

Hi,
Ive just installed the latest version of qpopper (ver 4.0.4) and
openssl-0.9.6e but i seem to be having problems downloading mail this is
what i see in the logfiles

Aug 15 14:22:29 dogbert qpopper[6684]: (v4.0.4) TLSv1/SSLv3 handshake with
client at m119-mp1.cvx1-a.dialup.com (192.168.1.0); new session-id; cipher:
EXP1024-RC4-SHA (EXP1024-RC4-SHA SSLv3 Kx=RSA(1024) Au=RSA Enc=RC4(56)
Mac=SHA1 export), 56 bits
Aug 15 14:22:30 dogbert qpopper[6684]: (v4.0.4) POP login by user "user" at
(m119-mp1.cvx1-a.dialup.com) 192.168.1.0
Aug 15 14:22:52 dogbert qpopper[6684]: I/O Error
Aug 15 14:22:52 dogbert qpopper[6684]: Error writing to client
Aug 15 14:22:52 dogbert qpopper[6684]: user at m119-mp1.cvx1-a.dialup.com
(192.168.1.0): -ERR SIGHUP or SIGPIPE flagged
Aug 15 14:22:52 dogbert qpopper[6684]: OpenSSL Error during write
Aug 15 14:22:52 dogbert qpopper[6684]: ...SSL error: error:1409F07F:SSL
routines:SSL3_WRITE_PENDING:bad write retry
Aug 15 14:22:52 dogbert qpopper[6684]: Error writing to client
Aug 15 14:22:52 dogbert qpopper[6684]: user at m119-mp1.cvx1-a.dialup.com
(192.168.1.0): -ERR POP hangup from dogbert.xxxxxxxx.com

This is not a chunky write problem as my qpopper configuration file is made
up of the following

set tls-support = alternate-port
set tls-server-cert-file = /etc/mail/certs/stunnel.pem
set chunky-writes = always


Various people on the qpopper mailing list seem to have experienced this
problem
http://www.pensive.org/Mailing_Lists/Archives/Qpopper/Archive-2001-12-20.htm
l#[20]
and
http://www.pensive.org/mailing_lists/Archives/qpopper/Archive-2002-05-30.htm
l#[45]

But there doesnt seem to be any fix available or explanation as to causes
it. Neither is this problem acknowledged in the current Qpopper Faq

Can ANYONE shed some light on this?? (preferably a fix too!) thanks!

://Trey A Mujakporue
://+44 7956 135 722
:sig: It's sad how whole families are torn  apart by simple things... like
wild dogs.


Date: Thu, 15 Aug 2002 12:26:27 -0500
From: SkyDeep <skyd at humankind dot com>
Subject: Re: Qpopper openssl patch.

Has it been confirmed that the latest version of OpenSSL fixes the problem 
with using SSL in Qpopper?

At 11:37 AM 8/9/02 -0700, you wrote:
>And you shouldn't be using less than OpenSSL version 0.9.6g (f came
>out yesterday, g this morning).
>
>
>Quoting Brendan Bank (brendan at gnarst dot net):
> > Hoi,
> >
> > If you compile qpopper with OpenSSL version 0.9.6d or higher there
> > is a problem with some broken SSL implementation on Eudora 5.1.1
> > on windows. Qualcomm is working looking into replacing the SSL ddl
> > to correct the problem.


From: kkim at telcordia dot com
Subject: Error - Please Help
Date: Thu, 15 Aug 2002 13:47:22 -0400

Hello,

I am new to QPopper and wondering if you guys can help me out.
I am getting the following error when I try to send out email using the
user_id : smsadm
== 553 5.5.4 <smsadm>... Domain name required for sender address smsadm
===


Does anyone know why ?

Thanks
-K.Kim-


Date: Thu, 15 Aug 2002 19:38:19 -0500
Subject: ip logged as 0.0.0.0
From: "scott@intrinsix dot net" <scott at intrinsix dot net>

hello list,

I'm trying to get qpopper to log ip addresses using the 
--enable-log-login option,
in order to use a pop-before-smtp hack.

It's logging lines like this right now:
Aug 15 19:19:31.650 2002 [11535] (v4.0.4) POP login by user "scott" at 
(0.0.0.0) 0.0.0.0

I upgraded my gcc to 3.1 and recompiled qpopper like it says in the faq, 
but that did not seem to fix the problem.

I'm running solaris 8.

Any ideas ?

/sh


From: "Alan W. Rateliff, II" <alan at yourvillage dot com>
Subject: Re: ip logged as 0.0.0.0
Date: Fri, 16 Aug 2002 01:59:30 -0400

----- Original Message -----
From: <scott at intrinsix dot net>
To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
Sent: Thursday, August 15, 2002 8:38 PM
Subject: ip logged as 0.0.0.0


> --enable-log-login option,
> in order to use a pop-before-smtp hack.

This is somewhat off-topic, but why not use SMTP AUTH instead of the
POP-before-SMTP hack?

> It's logging lines like this right now:
> Aug 15 19:19:31.650 2002 [11535] (v4.0.4) POP login by user "scott" at
> (0.0.0.0) 0.0.0.0

> I'm running solaris 8.

I don't have the exact answer, but ISTR that it was due to an IPv6 issue.
Hopefully that's a place for you to start.  I'm running QPOP on multiple
Solaris machines and haven't seen this behavior before, but I know some
daemons run really strangely if you hand them off with a tcp6 setting from
inetd.

Is your QPOP a stand-alone server or started by inetd?

--
       Alan W. Rateliff, II        :       RATELIFF.NET
 Independent Technology Consultant :    alan2 at rateliff dot net
      (Office) 850/350-0260        :  (Mobile) 850/559-0100
-------------------------------------------------------------
[System Administration][IT Consulting][Computer Sales/Repair]





Date: Fri, 16 Aug 2002 09:32:36 -0500
Subject: Re: ip logged as 0.0.0.0
From: "scott@intrinsix dot net" <scott at intrinsix dot net>

My problem was caused my an tcp6 setting in inetd.conf like this :

pop3    stream  tcp6     nowait  root    /usr/local/lib/popper   popper 
-t /var/log/qpop.log

I changed that tcp6 to tcp and I have ip addresses in my logs now.

Thanks to , Alan W. Rateliff for pointing this out.

/sh

On Friday, August 16, 2002, at 12:59 AM, Alan W. Rateliff, II wrote:

> ----- Original Message -----
> From: <scott at intrinsix dot net>
> To: "Subscribers of Qpopper" <qpopper at lists.pensive dot org>
> Sent: Thursday, August 15, 2002 8:38 PM
> Subject: ip logged as 0.0.0.0
>
>
>> --enable-log-login option,
>> in order to use a pop-before-smtp hack.
>
> This is somewhat off-topic, but why not use SMTP AUTH instead of the
> POP-before-SMTP hack?
>
>> It's logging lines like this right now:
>> Aug 15 19:19:31.650 2002 [11535] (v4.0.4) POP login by user "scott" at
>> (0.0.0.0) 0.0.0.0
>
>> I'm running solaris 8.
>
> I don't have the exact answer, but ISTR that it was due to an IPv6 
> issue.
> Hopefully that's a place for you to start.  I'm running QPOP on multiple
> Solaris machines and haven't seen this behavior before, but I know some
> daemons run really strangely if you hand them off with a tcp6 setting 
> from
> inetd.
>
> Is your QPOP a stand-alone server or started by inetd?
>
> --
>        Alan W. Rateliff, II        :       RATELIFF.NET
>  Independent Technology Consultant :    alan2 at rateliff dot net
>       (Office) 850/350-0260        :  (Mobile) 850/559-0100
> -------------------------------------------------------------
> [System Administration][IT Consulting][Computer Sales/Repair]
>
>
>
>


Date: Sat, 17 Aug 2002 02:09:30 +0900
From: Hajimu UMEMOTO <ume at mahoroba dot org>
Subject: Re: ip logged as 0.0.0.0

Hi,

>>>>> On Fri, 16 Aug 2002 09:32:36 -0500
>>>>> "scott@intrinsix dot net" <scott at intrinsix dot net> said:

scott> My problem was caused my an tcp6 setting in inetd.conf like this :

scott> pop3    stream  tcp6     nowait  root    /usr/local/lib/popper   popper 
scott> -t /var/log/qpop.log

scott> I changed that tcp6 to tcp and I have ip addresses in my logs now.

If you wish to use qpopper via IPv6, you can find my IPv6 patch from:

	http://www.imasy.or.jp/~ume/ipv6/qpopper4.0.4-ipv6-20020502.diff.gz

Sincerely,

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume at mahoroba.org  ume at bisd.hitachi dot co dot jp  ume@{,jp.}FreeBSD dot org
http://www.imasy.org/~ume/

Date: Fri, 16 Aug 2002 16:29:39 -0400
From: Theresa M Peter <theresa at email.uc dot edu>
Subject: Deactivating service pop3 due to excessive incoming

I have installed and configured QPopper 4.03 on a RH Linux 7.2 machine.  I 
am currently running some bench marking tests against it.  However during 
the test I am getting the following error in the /var/log/messages file:

linux xinetd[811]: Deactivating service pop3 due to excessive incoming 
connections.  Restarting in 30 seconds.

What do I need to do to so that it will not deactivate the service?

Below is my entry in my xinetd.conf

service pop3
{
         socket_type     =       stream
         protocol        =       tcp
         wait            =       no
         user            =       root
         server          =       /usr/local/sbin/popper
         server_args     =       popper -s -T240 -b /usr/local/bulletins
         port            =       110
}

"Education is not filling a bucket, but lighting a fire."
--William Yeats

Theresa M Peter
Applications Analyst
University of Cincinnati
Bearcat Online Email System
University Hall Suite 400
(513)556-9008


Subject: Re: Deactivating service pop3 due to excessive incoming
From: Kenneth Porter <shiva at well dot com>
Date: 16 Aug 2002 20:39:04 -0700

On Fri, 2002-08-16 at 13:29, Theresa M Peter wrote:

> linux xinetd[811]: Deactivating service pop3 due to excessive incoming 
> connections.  Restarting in 30 seconds.

"man xinetd.conf"

Look at the cps parameter.


Date: Sun, 18 Aug 2002 23:50:48 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Filesystem quotas

At 12:15 PM -0500 8/9/02, Justin Shore wrote:

>  If all email clients supported this, the world would be a much better place.

Many do.

>  It would also be nice is the server could dictate some of these 
> options to the clients when they connect.  That would also be nice. 
> :)

The CAPA command in POP allows the server to advertise to the client 
the number of days that messages are allowed to remain on the server, 
among other things.  Some servers support this, but I'm not aware of 
any clients that do.  If you learn of any, please let me know.

The idea is that if the user says "leave on server for 30 days" and 
the servers says (via CAPA) that messages are deleted after 5 days, 
the client could warn the user that mail probably won't be around as 
long as expected.  The same concept applies to the login-delay and 
other such server policy CAPA tags.



Date: Mon, 19 Aug 2002 00:07:14 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Error - Please Help

At 1:47 PM -0400 8/15/02, kkim at telcordia dot com wrote:

>  I am new to QPopper and wondering if you guys can help me out.
>  I am getting the following error when I try to send out email using the
>  user_id : smsadm
>  == 553 5.5.4 <smsadm>... Domain name required for sender address smsadm
>  ===

This doesn't appear to be a Qpopper error.

Date: Mon, 19 Aug 2002 00:01:18 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: Filesystem quotas

At 9:34 AM +0200 8/12/02, Eric Luyten wrote:

>  We operate 56 GB of spool for 25000 users and the (dual Ultra Wide SCSI)
>  I/O channels are pretty close to saturation during ofice hours.

Do the new features in Qpopper 4.0 help at all?  (Cache files, fast-update)

Date: Mon, 19 Aug 2002 00:06:31 -0700
From: Randall Gellens <randy at qualcomm dot com>
Subject: Re: TLS/SSL write problems

At 4:23 PM +0100 8/15/02, Trey A Mujakporue wrote:

>  Aug 15 14:22:30 dogbert qpopper[6684]: (v4.0.4) POP login by user "user" at
>  (m119-mp1.cvx1-a.dialup.com) 192.168.1.0
>  Aug 15 14:22:52 dogbert qpopper[6684]: I/O Error
>  Aug 15 14:22:52 dogbert qpopper[6684]: Error writing to client
>  Aug 15 14:22:52 dogbert qpopper[6684]: user at m119-mp1.cvx1-a.dialup.com
>  (192.168.1.0): -ERR SIGHUP or SIGPIPE flagged

The error is only 22 seconds after login, so it doesn't look like 
client timeout caused by chunky writes on a congested network.

I'd suggest (a) trying a different client and see if the problem goes 
away or changes, and (b) enable client tracing to see what it thinks 
is going on.

Subject: Re: Filesystem quotas
Date: Mon, 19 Aug 2002 11:41:01 +0200 (MET DST)
From: Eric Luyten <Eric.Luyten at vub.ac dot be>

> At 9:34 AM +0200 8/12/02, Eric Luyten wrote:
> 
> >  We operate 56 GB of spool for 25000 users and the (dual Ultra Wide SCSI)
> >  I/O channels are pretty close to saturation during ofice hours.
> 
[Randall G.]
> Do the new features in Qpopper 4.0 help at all?  (Cache files, fast-update)


We migrated from 3.1.2 to 4.0.3 in June 2001.
(caching enabled, fast-updates enabled, two-level mailspool directory hash,
 +250,000 POP accesses on a typical working day, many users have leave-mail-
 on-server set)

If I remember correctly, server I/O load dropped by two thirds and CPU load 
by half.

We'd be elsewhere if it hadn't been for the benefits offered by Qpopper 4.


Eric.

Date: Mon, 19 Aug 2002 10:44:25 -0400
From: Jose Vicente Nunez Zuleta <josevnz at newbreak dot com>
Subject: Big mailbox: getting errors (maybe timeout)?

Greetings,

I have an user with a big mailbox (64MB+); This use is trying to donwload his messages from yahoo.com, but after he starts the process he gets the following errors:

Aug 19 07:58:07 YYYY in.qpopper[26582]: (v4.0.4) POP login by user
"XXX" at (web12502.mail.yahoo.com) 216.136.173.194
Aug 19 07:58:40 YYYY in.qpopper[26582]: XXX at web12502.mail.yahoo.com
(216.136.173.194): -ERR POP EOF or I/O Error
Aug 19 07:58:40 YYYY in.qpopper[26582]: Stats: XXX 0 0 5788 67680191
web12502.mail.yahoo.com 216.136.173.194
Aug 19 07:58:43 YYYY in.qpopper[26582]: I/O error flushing output to
client XXX at web12502.mail.yahoo.com [216.136.173.194]: Operation not
permitted (1)

(YYYY is the name of our pop server, XXX is the name of the user. All names changed to protect the inocent :))

Is going to be difficult to clear the mailbox contents (the user is leaving the messages on the server). 

Is this a timeout problem? If so, which parameter i should try to increase to allow this user to download his messages (probably he will get an error on his yahoo account due space limits but thats another story).

Does qpopper has a limit on the mailbox size?

Thanks in advance,

JV.

From: "Mike Pacheco" <mike at fwdsystems dot com>
Subject: qpopper 4.0 install problems
Date: Wed, 21 Aug 2002 11:28:02 -0400

Hi All,

Though I had this install down pretty good.  Got a RedHat 7.1 box with
sendmail 8.11 and qpopper running fine - used the following options to
install it and it worked first try.

----------
#!/bin/sh
#
# Install config switches used on first attempt
#
./configure \
	--enable-specialauth \
	--enable-auth-file=/etc/pop/authuser \
	--enable-log-login \
	--enable-popuid=pop \
	--enable-servermode \
	--enable-shy

make
make install
----------

Now I am upgrading a seperate box to take its place - this one is RH 7.3
with sendmail 8.12.5 - using qpopper 4.0 and the same install script - the
authfile is there - permission are OK - I even opened them up to 777 on
directory and file for testing once I started having problems.  But
everytime I telnet localhost 110 and do

--
+OK ready
user xxx
+OK Password required for xxx
pass 123xyz
-ERR [AUTH] Password supplied for "xxx" is incorrect.
--

The password is OK - I've checked it and changed it, plus tried different
users - it OK's the user - just not the password - the users are in the
auth-file.  I've deleted source and binary and recompiled 3 times - each
time I see

--
Found getspname (); using shadow passwords by default
Restricting access to only users listed in /etc/pop/authuser
--
Plus the usual other confige words - no errors during configure, make or
make install.

In short - I'm stumped - RH didn't change the shadow password system between
7.1 and 7.3? Did it?  I can't authenticate to pop - any ideas?

Thanks - Mike Pacheco



From: "Mike Pacheco" <mike at fwdsystems dot com>
Subject: RE: qpopper 4.0 install problems
Date: Wed, 21 Aug 2002 13:03:12 -0400

Hi Brian,

Thanks for the reply.

The only way I can see in the qpopper docs to tell it about MD5 is
with --with-pam - added that configure option - set up a pam service as
outlined in the qpopper install docs and ran it.

The configure runs fine - but make blows up with alot of complaints about
pam variables in pop_pass.c

----
-g -O2 -DHAVE_CONFIG_H  -DLINUX -DUNIX pop_pass.c -o pop_pass.o
pop_pass.c:377: warning: `struct pam_response' declared inside parameter
list
pop_pass.c:377: warning: its scope is only this definition or declaration,
which is probably not what you want.
pop_pass.c:377: warning: `struct pam_message' declared inside parameter list
pop_pass.c: In function `PAM_qpopper_conv':
pop_pass.c:385: `PAM_SYSTEM_ERR' undeclared (first use in this function)
pop_pass.c:385: (Each undeclared identifier is reported only once
pop_pass.c:385: for each function it appears in.)
pop_pass.c:389: sizeof applied to an incomplete type
pop_pass.c:391: `PAM_CONV_ERR' undeclared (first use in this function)
pop_pass.c:396: dereferencing pointer to incomplete type
pop_pass.c:398: `PAM_PROMPT_ECHO_ON' undeclared (first use in this function)
pop_pass.c:399: arithmetic on pointer to an incomplete type
pop_pass.c:399: dereferencing pointer to incomplete type
pop_pass.c:399: `PAM_SUCCESS' undeclared (first use in this function)
pop_pass.c:400: arithmetic on pointer to an incomplete type
pop_pass.c:400: dereferencing pointer to incomplete type
pop_pass.c:404: `PAM_PROMPT_ECHO_OFF' undeclared (first use in this
function)
pop_pass.c:405: arithmetic on pointer to an incomplete type
pop_pass.c:405: dereferencing pointer to incomplete type
pop_pass.c:406: arithmetic on pointer to an incomplete type
pop_pass.c:406: dereferencing pointer to incomplete type
pop_pass.c:410: `PAM_TEXT_INFO' undeclared (first use in this function)
pop_pass.c:411: `PAM_ERROR_MSG' undeclared (first use in this function)
pop_pass.c:412: arithmetic on pointer to an incomplete type
pop_pass.c:412: dereferencing pointer to incomplete type
pop_pass.c:413: arithmetic on pointer to an incomplete type
pop_pass.c:413: dereferencing pointer to incomplete type
pop_pass.c:416: default label not within a switch statement
pop_pass.c: At top level:
pop_pass.c:428: variable `PAM_conversation' has initializer but incomplete
type
pop_pass.c:429: warning: excess elements in struct initializer
pop_pass.c:429: warning: (near initialization for `PAM_conversation')
pop_pass.c:431: warning: excess elements in struct initializer
pop_pass.c:431: warning: (near initialization for `PAM_conversation')
pop_pass.c: In function `auth_user':
pop_pass.c:439: `pam_handle_t' undeclared (first use in this function)
pop_pass.c:439: `pamh' undeclared (first use in this function)
pop_pass.c:439: invalid lvalue in assignment
pop_pass.c:440: parse error before `int'
pop_pass.c:447: invalid use of undefined type `struct pam_conv'
pop_pass.c:449: `pamerror' undeclared (first use in this function)
pop_pass.c:452: `PAM_SUCCESS' undeclared (first use in this function)
pop_pass.c:455: `erc' undeclared (first use in this function)
pop_pass.c:476: `errmsg' undeclared (first use in this function)
pop_pass.c:491: `PAM_ESTABLISH_CRED' undeclared (first use in this function)
pop_pass.c:501: `PAM_TTY' undeclared (first use in this function)
pop_pass.c:509: `PAM_RHOST' undeclared (first use in this function)
make[1]: *** [pop_pass.o] Error 1
make[1]: Leaving directory `/usr/local/src/qpopper4.0.4/popper'
make: *** [popper_server] Error 2
---

Anybody got any ideas?

Thanks  Mike

-----Original Message-----
From: Brian C. Hill [mailto:bchill at bch dot net]
Sent: Wednesday, August 21, 2002 11:32 AM
To: Mike Pacheco
Subject: Re: qpopper 4.0 install problems


	Maybe this is the md5 issue with redhat. I think
you need to specify that on the configure line.

Brian
=====================================================================
On Wed, Aug 21, 2002 at 11:28:02AM -0400, Mike Pacheco wrote:
> Hi All,
>
> Though I had this install down pretty good.  Got a RedHat 7.1 box with
> sendmail 8.11 and qpopper running fine - used the following options to
> install it and it worked first try.
>
> ----------
> #!/bin/sh
> #
> # Install config switches used on first attempt
> #
> ./configure \
> 	--enable-specialauth \
> 	--enable-auth-file=/etc/pop/authuser \
> 	--enable-log-login \
> 	--enable-popuid=pop \
> 	--enable-servermode \
> 	--enable-shy
>
> make
> make install
> ----------
>
> Now I am upgrading a seperate box to take its place - this one is RH 7.3
> with sendmail 8.12.5 - using qpopper 4.0 and the same install script - the
> authfile is there - permission are OK - I even opened them up to 777 on
> directory and file for testing once I started having problems.  But
> everytime I telnet localhost 110 and do
>
> --
> +OK ready
> user xxx
> +OK Password required for xxx
> pass 123xyz
> -ERR [AUTH] Password supplied for "xxx" is incorrect.
> --
>
> The password is OK - I've checked it and changed it, plus tried different
> users - it OK's the user - just not the password - the users are in the
> auth-file.  I've deleted source and binary and recompiled 3 times - each
> time I see
>
> --
> Found getspname (); using shadow passwords by default
> Restricting access to only users listed in /etc/pop/authuser
> --
> Plus the usual other confige words - no errors during configure, make or
> make install.
>
> In short - I'm stumped - RH didn't change the shadow password system
between
> 7.1 and 7.3? Did it?  I can't authenticate to pop - any ideas?
>
> Thanks - Mike Pacheco
>

--
   _____________________________________________________________________
  / Brian C. Hill	bchill at bch.net   	http://brian.bch dot net	\
  | Unix Specialist	BCH Technical Services	http://www.bch.net	|




Date: Wed, 21 Aug 2002 09:17:46 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper 4.0 install problems

On Wed, Aug 21, 2002 at 11:28:02AM -0400, Mike Pacheco wrote:
> Now I am upgrading a seperate box to take its place - this one is RH 7.3
> with sendmail 8.12.5 - using qpopper 4.0 and the same install script - the
> authfile is there - permission are OK - I even opened them up to 777 on
> directory and file for testing once I started having problems.  But
> everytime I telnet localhost 110 and do
> 
> --
> +OK ready
> user xxx
> +OK Password required for xxx
> pass 123xyz
> -ERR [AUTH] Password supplied for "xxx" is incorrect.
> --
> 
> The password is OK - I've checked it and changed it, plus tried different
> users - it OK's the user - just not the password.

  FYI, you can not count on this to verify anything.  Popper tries to
provide the identical response for invalid user and invalid password.
This is troublesome when debugging, but necessary for security because
otherwise it would rapidly leak information about exactly what users
are valid on your system.

I.e. if you put 
user totallybogususernotonthissystem

You will still get:
+OK Password required for totallybogususernotonthissystem
pass chyeah,right!
-ERR [AUTH] Password supplied for "totallybogususernotonthissystem" is incorrect.

I just don't want you to go down a totally wrong path troubleshooting
because of this.  

  Normally qpopper's configure step automatically detects the right way
to interface to the system's native authentication routines and uses
them.  That is, qpopper shouldn't care about MD5 hashes in the password
file vs. Blowfish vs. whatever; it relies on the OS interfaces to tell
it whether the user/password combo is valid.  You shouldn't *need* to
specify PAM, either, in most cases.  It sounds to me like it's most
likely that the Linux 7.3 interfaces are failing to authenticate these
users to qpopper for a reason unknown.

  On a hunch, you might try *removing* that "--enablespecialauth" in
the configure step; if the 7.3 interfaces are cleaner and easier for
qpopper to autodetect, that flag might even be messing it up.

  If this doesn't do it, maybe try temporarily enabling some other
service and try connecting to it for one of these users (FTP, telnet)
and see if you can get that to authenticate for them.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Date: Wed, 21 Aug 2002 09:38:43 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper 4.0 install problems

On Wed, Aug 21, 2002 at 03:25:27PM -0400, Mike Pacheco wrote:
> Hi Clifton,
> 
> Already tried without the --enable-specialauth - even went as far as
> removing source and binary between each compile so I knew the options were
> true in each differnet configure I tried.  Tried  a bunch of combinations
> during each including nothing but the auth-file - getting the same error
> each time.  I'll try one or two more, then I think its time to look at imap.
> Any debugging tips - I'm decent with reading debugs, but I'm no programmer
> by a long shot.

Yes, invoke popper with "-d" and one run transaction with the invalid
user so you get a trace of the transaction in the logfile and can see
what's failing.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

From: "Mike Pacheco" <mike at fwdsystems dot com>
Subject: RE: qpopper 4.0 install problems
Date: Wed, 21 Aug 2002 15:25:27 -0400

Hi Clifton,

Already tried without the --enable-specialauth - even went as far as
removing source and binary between each compile so I knew the options were
true in each differnet configure I tried.  Tried  a bunch of combinations
during each including nothing but the auth-file - getting the same error
each time.  I'll try one or two more, then I think its time to look at imap.
Any debugging tips - I'm decent with reading debugs, but I'm no programmer
by a long shot.

Thanks  Mike

-----Original Message-----
From: Clifton Royston [mailto:cliftonr at lava dot net]
Sent: Wednesday, August 21, 2002 3:18 PM
To: Mike Pacheco
Cc: Subscribers of Qpopper
Subject: Re: qpopper 4.0 install problems


On Wed, Aug 21, 2002 at 11:28:02AM -0400, Mike Pacheco wrote:
> Now I am upgrading a seperate box to take its place - this one is RH 7.3
> with sendmail 8.12.5 - using qpopper 4.0 and the same install script - the
> authfile is there - permission are OK - I even opened them up to 777 on
> directory and file for testing once I started having problems.  But
> everytime I telnet localhost 110 and do
>
> --
> +OK ready
> user xxx
> +OK Password required for xxx
> pass 123xyz
> -ERR [AUTH] Password supplied for "xxx" is incorrect.
> --
>
> The password is OK - I've checked it and changed it, plus tried different
> users - it OK's the user - just not the password.

  FYI, you can not count on this to verify anything.  Popper tries to
provide the identical response for invalid user and invalid password.
This is troublesome when debugging, but necessary for security because
otherwise it would rapidly leak information about exactly what users
are valid on your system.

I.e. if you put
user totallybogususernotonthissystem

You will still get:
+OK Password required for totallybogususernotonthissystem
pass chyeah,right!
-ERR [AUTH] Password supplied for "totallybogususernotonthissystem" is
incorrect.

I just don't want you to go down a totally wrong path troubleshooting
because of this.

  Normally qpopper's configure step automatically detects the right way
to interface to the system's native authentication routines and uses
them.  That is, qpopper shouldn't care about MD5 hashes in the password
file vs. Blowfish vs. whatever; it relies on the OS interfaces to tell
it whether the user/password combo is valid.  You shouldn't *need* to
specify PAM, either, in most cases.  It sounds to me like it's most
likely that the Linux 7.3 interfaces are failing to authenticate these
users to qpopper for a reason unknown.

  On a hunch, you might try *removing* that "--enablespecialauth" in
the configure step; if the 7.3 interfaces are cleaner and easier for
qpopper to autodetect, that flag might even be messing it up.

  If this doesn't do it, maybe try temporarily enabling some other
service and try connecting to it for one of these users (FTP, telnet)
and see if you can get that to authenticate for them.

  -- Clifton

--
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy




Date: Wed, 21 Aug 2002 10:14:12 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper 4.0 install problems

On Wed, Aug 21, 2002 at 03:25:27PM -0400, Mike Pacheco wrote:
> Hi Clifton,
> 
> Already tried without the --enable-specialauth - even went as far as
> removing source and binary between each compile so I knew the options were
> true in each differnet configure I tried.  Tried  a bunch of combinations
> during each including nothing but the auth-file - getting the same error
> each time.  I'll try one or two more, then I think its time to look at imap.
> Any debugging tips - I'm decent with reading debugs, but I'm no programmer
> by a long shot.

  I just realized something - the 10W light bulb belatedly went on.

  You're using Redhat?  Install an RPM for qpopper; someone else has
done all the work.  End of problem.  If you're thinking of switching to
imap, this is sure to be less work.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Date: Wed, 21 Aug 2002 15:30:18 -0500
From: Justin Shore <listuser at neo.pittstate dot edu>
Subject: Re: qpopper 4.0 install problems

I'm successfully using this on RH 7.2 and 7.3 boxes.

./configure  --prefix=/usr/local/ --sysconfdir=/etc/qpopper 
--with-pam=pop3 --with-popuid=pop --with-log-facility=LOG_LOCAL1 
--enable-shy --enable-log-login --enable-servermode 
--enable-bulletins=/var/mail/bulls --enable-spool-dir=/var/mail/spool 
--enable-popuid=pop --enable-temp-drop-dir=/var/mail/poptemp 
--enable-fast-update

I suspect you need PAM support.  Don't mess with the specailauth 
stuff; let PAM do its job.  My /etc/pam.d/pop3 contains:

#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
session    required     /lib/security/pam_pwdb.so

BTW, I never have gotten 4.0.4 to compile with poppassd enabled.


HTH
  Justin
-- 

--
Justin Shore, ES-SS ES-SSR                Pittsburg State University
Network & Systems Manager                 http://www.pittstate.edu/ois/

From: "Ken Bradford" <ken at alpha2 dot com>
Subject: RE: qpopper 4.0 install problems
Date: Wed, 21 Aug 2002 17:09:53 -0400

>   I just realized something - the 10W light bulb belatedly went on.
> 
>   You're using Redhat?  Install an RPM for qpopper; someone else has
> done all the work.  End of problem.  If you're thinking of switching to
> imap, this is sure to be less work.
> 
>   -- Clifton
> 
huh, when did that happen? I mean, recently, or did I just miss it before?

Ken Bradford
Alpha II Service, Inc.
(614)868-5033 


Date: Wed, 21 Aug 2002 18:13:57 -0400
From: Jose Vicente Nunez Zuleta <josevnz at newbreak dot com>
Subject: Big mailbox: getting errors (maybe timeout)?


Greetings,

I have an user with a big mailbox (64MB+); This use is trying to donwload his messages from yahoo.com, but after he starts the process he gets the following errors:

Aug 19 07:58:07 YYYY in.qpopper[26582]: (v4.0.4) POP login by user
"XXX" at (web12502.mail.yahoo.com) 216.136.173.194
Aug 19 07:58:40 YYYY in.qpopper[26582]: XXX at web12502.mail.yahoo.com
(216.136.173.194): -ERR POP EOF or I/O Error
Aug 19 07:58:40 YYYY in.qpopper[26582]: Stats: XXX 0 0 5788 67680191
web12502.mail.yahoo.com 216.136.173.194
Aug 19 07:58:43 YYYY in.qpopper[26582]: I/O error flushing output to
client XXX at web12502.mail.yahoo.com [216.136.173.194]: Operation not
permitted (1)

(YYYY is the name of our pop server, XXX is the name of the user. All names changed to protect the inocent :))

Is going to be difficult to clear the mailbox contents (the user is leaving the messages on the server). 

Is this a timeout problem? If so, which parameter i should try to increase to allow this user to download his messages (probably he will get an error on his yahoo account due space limits but thats another story).

Does qpopper has a limit on the mailbox size?

Thanks in advance,

JV.

Date: Wed, 21 Aug 2002 16:44:27 -0500
From: Justin Shore <listuser at neo.pittstate dot edu>
Subject: Re: qpopper 4.0 install problems

At 11:38 AM -1000 8/21/02, Clifton Royston wrote:
>On Wed, Aug 21, 2002 at 03:30:18PM -0500, Justin Shore wrote:
>>  I'm successfully using this on RH 7.2 and 7.3 boxes.
>>
>>  ./configure  --prefix=/usr/local/ --sysconfdir=/etc/qpopper
>>  --with-pam=pop3 --with-popuid=pop --with-log-facility=LOG_LOCAL1
>>  --enable-shy --enable-log-login --enable-servermode
>>  --enable-bulletins=/var/mail/bulls --enable-spool-dir=/var/mail/spool
>>  --enable-popuid=pop --enable-temp-drop-dir=/var/mail/poptemp
>>  --enable-fast-update
>>
>>  I suspect you need PAM support.  Don't mess with the specailauth
>>  stuff; let PAM do its job.  My /etc/pam.d/pop3 contains:
>>
>>  #%PAM-1.0
>>  auth       required     /lib/security/pam_pwdb.so shadow
>>  account    required     /lib/security/pam_pwdb.so
>>  password   required     /lib/security/pam_cracklib.so
>>  password   required     /lib/security/pam_pwdb.so nullok 
>>use_authtok md5 shadow
>>  session    required     /lib/security/pam_pwdb.so
>
>Actually... absence of this configuration file to tell PAM to authorize
>POP connections might be exactly the problem. 
>
>I don't use PAM so I tend to forget about this.

I just finished building and deploying my 4th server in 1.5 months 
and I forgot it on every one.  I probably won't forget it too many 
more times before I get the darned thing memorized. :)

Justin
-- 

--
Justin Shore, ES-SS ES-SSR                Pittsburg State University
Network & Systems Manager                 http://www.pittstate.edu/ois/

Date: Wed, 21 Aug 2002 11:38:26 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper 4.0 install problems

On Wed, Aug 21, 2002 at 03:30:18PM -0500, Justin Shore wrote:
> I'm successfully using this on RH 7.2 and 7.3 boxes.
> 
> ./configure  --prefix=/usr/local/ --sysconfdir=/etc/qpopper 
> --with-pam=pop3 --with-popuid=pop --with-log-facility=LOG_LOCAL1 
> --enable-shy --enable-log-login --enable-servermode 
> --enable-bulletins=/var/mail/bulls --enable-spool-dir=/var/mail/spool 
> --enable-popuid=pop --enable-temp-drop-dir=/var/mail/poptemp 
> --enable-fast-update
> 
> I suspect you need PAM support.  Don't mess with the specailauth 
> stuff; let PAM do its job.  My /etc/pam.d/pop3 contains:
> 
> #%PAM-1.0
> auth       required     /lib/security/pam_pwdb.so shadow
> account    required     /lib/security/pam_pwdb.so
> password   required     /lib/security/pam_cracklib.so
> password   required     /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
> session    required     /lib/security/pam_pwdb.so

Actually... absence of this configuration file to tell PAM to authorize
POP connections might be exactly the problem.  

I don't use PAM so I tend to forget about this.

  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

From: "Alex M" <alex at myzona dot net>
Subject: SSL with Outlook Express
Date: Wed, 21 Aug 2002 16:21:05 -0700

Greetings all,

I have just finished adding TLS/SSL support for my Qpopper 4.0.3 running on
a FreeBSD server.
I have created my own signed certs as per the documentation.

I want Qpopper to accept connections on both 110 (non-secure) and 995
(secure) ports.
Having just the 995 port works perfectly. But having both, I experience
troubles.

My setting for stls in qpopper.conf is
set tls-support              = stls

I have both service pop { ... } and service pop3s { ... } in xinetd. Now,
110 (non-secure) works perfectly, but whenever I check the box in Outlook
Express to use SSL (995 port), it gives me an error.
I tried disabling pop3, and then just the pop3s in xinetd.. I have also
tried changing "stls" to "alternate-port", but I still cant have qpopper
accept connections on both ports. In some instances, it connects to110 port
and does nothing and stays that way forever.

Any hints on how I can accomplish this?

Mind if I ask an Outlook Express related question, a popup window always
shows up whenever I turn off and switch back on the mail client and try to
connect to port 995, saying that the cert is not trusted. Is there a way,
where I can somehow tell Outlook Express to always trust this host, so it
doesnt complain each time? I have looked thru all the security and advanced
options but did not find anything relevant, perhaps I am blind.

Thank you much in advance.

P.S. I know I didnt supply enough info on specific errors and instances, But
I feel that I am just doing the wrong procedure here, please say so if you
need more error details.

--
Alex M.



From: "Mike Pacheco" <mike at fwdsystems dot com>
Subject: RE: qpopper 4.0 install problems
Date: Wed, 21 Aug 2002 20:20:41 -0400

Hi Cliff,

I wish there was an RPM available for this, rpmfind.net lists only one 4.01
RPM compiled with APOP - which I can't use - need OS auth and was looking
for 4.04 for security fixes.  I installed the imap rpm and selected the pop
option and was running in under 5 minutes.  That being said I'm reading into
the security of this package and I'm not happy with it - I'll clean up this
box and try qpopper a few more times - worse comes to worse I'll run imap's
pop server for a few days while I rebuild the old RH 7.1 box to a bare build
and try qpopper on that one.

Thanks for the input all.

Mike

-----Original Message-----
From: Clifton Royston [mailto:cliftonr at lava dot net]
Sent: Wednesday, August 21, 2002 4:14 PM
To: Mike Pacheco
Cc: 'Subscribers of Qpopper'
Subject: Re: qpopper 4.0 install problems


On Wed, Aug 21, 2002 at 03:25:27PM -0400, Mike Pacheco wrote:
> Hi Clifton,
>
> Already tried without the --enable-specialauth - even went as far as
> removing source and binary between each compile so I knew the options were
> true in each differnet configure I tried.  Tried  a bunch of combinations
> during each including nothing but the auth-file - getting the same error
> each time.  I'll try one or two more, then I think its time to look at
imap.
> Any debugging tips - I'm decent with reading debugs, but I'm no programmer
> by a long shot.

  I just realized something - the 10W light bulb belatedly went on.

  You're using Redhat?  Install an RPM for qpopper; someone else has
done all the work.  End of problem.  If you're thinking of switching to
imap, this is sure to be less work.

  -- Clifton

--
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy



Date: Wed, 21 Aug 2002 14:29:23 -1000
From: Clifton Royston <cliftonr at lava dot net>
Subject: Re: qpopper 4.0 install problems

On Wed, Aug 21, 2002 at 08:20:41PM -0400, Mike Pacheco wrote:
> Hi Cliff,
> 
> I wish there was an RPM available for this, rpmfind.net lists only one 4.01
> RPM compiled with APOP - which I can't use - need OS auth and was looking
> for 4.04 for security fixes. 

I just finished looking for it and found the same thing.  Sorry to have
misled you.

Kenneth Porter was maintaining that SRPM for a while, but probably life
has caught up with him, the same way it's trampled on many of the
things I've been intending to do.

  As to security... not to start a holy war but IMHO UW imapd is no
more secure than qpopper.  There have been numerous pre- and post-
authentication compromises with it in the past, and its configuration
gives users read access to any world-readable file on your system, by
design, unless you modify the source to prevent it.  Having read the
source for both, I'd favor qpopper as being at least comprehensible.
  -- Clifton

-- 
    Clifton Royston  --  LavaNet Systems Architect --  cliftonr at lava dot net
"What do we need to make our world come alive?  
   What does it take to make us sing?
 While we're waiting for the next one to arrive..." - Sisters of Mercy

Last updated on 21 Aug 2002 by Pensive Mailing List Admin